blue-team-tools/rules/windows/network_connection at 4bbc1bc11993b910245e4cee8e6f5514d1da05bc - blue-team-tools - GreySec Git

security-tools/blue-team-tools

Files

T

History

phantinuss 9475153292 fix: FPs found in testing environment

2022-06-20 16:17:54 +02:00

..

net_connection_win_binary_github_com.yml

…

net_connection_win_binary_susp_com.yml

…

net_connection_win_crypto_mining.yml

…

net_connection_win_dllhost_net_connections.yml

…

net_connection_win_eqnedt.yml

…

net_connection_win_excel_outbound_network_connection.yml

…

net_connection_win_imewdbld.yml

…

net_connection_win_malware_backconnect_ports.yml

…

net_connection_win_mega_nz.yml

…

net_connection_win_msiexec.yml

…

net_connection_win_notepad_network_connection.yml

…

net_connection_win_powershell_network_connection.yml

…

net_connection_win_python.yml

…

net_connection_win_rdp_reverse_tunnel.yml

…

net_connection_win_rdp_to_http.yml

…

net_connection_win_regsvr32_network_activity.yml

…

net_connection_win_remote_powershell_session_network.yml

…

net_connection_win_rundll32_net_connections.yml

…

net_connection_win_silenttrinity_stager_msbuild_activity.yml

…

net_connection_win_susp_dropbox_api.yml

…

net_connection_win_susp_outbound_kerberos_connection.yml

…

net_connection_win_susp_outbound_mobsync_connection.yml

…

net_connection_win_susp_outbound_smtp_connections.yml

…

net_connection_win_susp_prog_location_network_connection.yml

…

net_connection_win_susp_rdp.yml

fix: FPs found in testing environment

2022-06-20 16:17:54 +02:00

net_connection_win_wuauclt_network_connection.yml

…